3 views
Skip to first unread message

Roger Brownell

unread,
Oct 2, 2012, 6:23:08 AM10/2/12
to estatesa...@gmail.com, l_...@comcast.net, dongr...@yahoo.com, corvallis...@googlegroups.com, bama7...@charter.net, 19...@discountcar.ca, customer...@kitbag.com, mlle...@yahoo.com, ZEEDE...@aol.com

Peter Wendel

unread,
Oct 2, 2012, 8:55:07 AM10/2/12
to corvallis...@googlegroups.com
I suggest NOT opening the link in this message.

Peter Wendel

On Tue, Oct 2, 2012 at 3:23 AM, Roger Brownell <rogerb...@yahoo.com> wrote:

--
You received this message because you are subscribed to the Google Groups "corvallis-etailing" group.
To post to this group, send email to corvallis...@googlegroups.com.
To unsubscribe from this group, send email to corvallis-etail...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/corvallis-etailing?hl=en.

Mike Fay

unread,
Oct 5, 2012, 12:32:17 AM10/5/12
to corvallis...@googlegroups.com
Hello,

The reason to not open the site is:

  

Mike

Pam Hood Szivek

unread,
Oct 5, 2012, 10:38:46 AM10/5/12
to corvallis...@googlegroups.com
Can someone go to my site (corvallischildrenstherapy.com) and see if they get same message?  Pishers are using my .com name, but it doesn't originate on my site.

Sent from my iPad
Pam

On Oct 4, 2012, at 9:32 PM, Mike Fay <ja...@jam-assoc.com> wrote:

Hello,

The reason to not open the site is:

   <dbaihhdc.png>

Dave Regan

unread,
Oct 5, 2012, 10:48:58 AM10/5/12
to corvallis...@googlegroups.com
The main web page isn't the issue.  If you look at the URL that started this:
   http://cdoctor.com/wp-includes/td06fnuu.php
it's possible that the main web page for cdoctor.com is just fine.  However, the vandal managed to create a bogus page on the site that vectors off to russia.

So the real question is if you have any bogus pages on your web site that aren't yours.  If you have seen any of the phishing messages, look at the URLs they are referring to.  Alternatively, look at your access log for unusual web pages that are returning results.

If either of these prove to show you have a problem, the first thing to do is to delete the offending page.  The second thing to do is to make sure any software on the web site is current.  The one above is a Word Press site.  The last thing to do, if possible, is to understand how the vandal got into your site to change content in the first place, though updating the software may have closed the door.

Trying to figure out how a web site was defaced can be difficult.  However, unless you close the door, the web site will be defaced using the same technique in the future.

    Dave Regan

Pam Hood Szivek

unread,
Oct 5, 2012, 11:09:57 AM10/5/12
to corvallis...@googlegroups.com
Thanks, Dave.
Pam

 
Pam Hood-Szivek
541-974-7709

From: Dave Regan <armoredpe...@gmail.com>
To: corvallis...@googlegroups.com
Sent: Friday, October 5, 2012 7:48 AM
Subject: Re: SPAM-MED: Re: [corvallis-etailing]

Colleen Dick

unread,
Oct 5, 2012, 11:29:51 AM10/5/12
to corvallis...@googlegroups.com
looks fine 2 me I didn't get a phish.  guess u fixed it.


On Fri, Oct 5, 2012 at 7:38 AM, Pam Hood Szivek <mspam...@yahoo.com> wrote:

Loyan Roylance

unread,
Oct 5, 2012, 11:33:58 AM10/5/12
to corvallis...@googlegroups.com
Pam,

Here is a simple tool I found recently to see if your mail server may be blacklisted. 

Reply all
Reply to author
Forward
0 new messages